Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1441

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-1441
Last Modified 04 Feb 2015 12:02:32
Published 03 Feb 2015 11:59:26
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1441

Summary

SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Vulnerable Systems

Application

  • Piwigo 2.5.5

  • Piwigo 2.6.0

  • Piwigo 2.6.1

  • Piwigo 2.6.2

  • Piwigo 2.6.3

  • Piwigo 2.6.4

  • Piwigo 2.7.0

  • Piwigo 2.7.1

  • Piwigo 2.7.2


References

BID - 72400

SECUNIA - 62606

CONFIRM - http://piwigo.org/releases/2.7.3

CONFIRM - http://piwigo.org/releases/2.6.5

CONFIRM - http://piwigo.org/releases/2.5.6

CONFIRM - http://piwigo.org/forum/viewtopic.php?id=25016


Last Updated: 27 May 2016 11:07:42